NTT Ltd.
Location
Secunderabad | India
Job description
Want to be a part of our team
Provides technical support to field engineers, technicians, and product support personnel who are diagnosing, troubleshooting, repairing, and debugging complex electro-mechanical equipment, computer systems, complex software, or networked and/or wireless systems. Responds to situations where first-line product support has failed to isolate or fix problems in malfunctioning equipment or software. Reports design, reliability, and maintenance problems or bugs to design engineering/software engineering. May be involved in customer installation and training. Provides support to customers/users where the product is highly technical or sophisticated in nature.

Working at NTT

The SOC L3 is responsible for providing service to clients by proactively identifying and resolving technical incidents and problems. Through preemptive service incident and resolution activities, as well as product reviews, operational improvements, operational practices, and quality assurance, this role will maintain a high level of service to clients. Their primary objective is to ensure zero missed service level agreement (SLA) conditions. The SOC L3 is responsible for managing tickets of low to high complexity.

Key Roles and Responsibilities:
- NG SIEM (SIEM + SOAR + UEBA) tool overall administration, management, backup and archival, and troubleshooting
- Upgrade/update/patching of the NG SIEM solution
- Monitor the NG SIEM console and dashboards and provide response and support to the remote SOC team for incidents
- Support the day-to-day operation of the deployed NG SIEM
- Perform initial analysis for known issues and provide the appropriate recommendations for closure
- Monitor and report on system component health and take necessary action in case of any observed issue
- Provide notification and communication with Incident Management and the respective application team upon threat detection
- Perform analysis on reported incidents, determine the root cause, and recommend the appropriate solution
- Integration of NG SIEM with IS infrastructure (existing/future), including but not limited to IPS, WAF, patch management, firewall, anti-APT solution, antivirus, EDR, AD, ERP, DLP, VMT, Exchange, SharePoint, network devices, web services, custom applications, etc., and also on the respective version upgrade(s)
- Develop appropriate use cases/playbooks/models/reports and alerts, and develop custom parsers/connectors for integrating logs wherever necessary or required
- Integration of the SIEM/SOAR/UEBA tool with security/non-security solutions based on requirement and architecture, and develop/modify appropriate use cases/rules, playbooks/models, reports and alerts
- Use and apply learnings from incidents and provide recommendations for standardizing the NG SIEM solution
- Reduction of false positives by fine-tuning existing correlation rules/configuration/playbooks/models
- Automation with continuous improvements; reduction in MTTR and MTTD
- Develop and implement processes for interfacing with operational teams and other supporting teams
- Ensure the NG SIEM integration is intact among the client SOC solutions and other assets
- Design, create and customize dashboards/reports as per client requirements
- Ensure the necessary client SOC documents, such as operating procedures, configuration management, Low Level Design, etc., are up to date with the changes made in their respective areas
- Automating day-to-day tasks related to NG SIEM operations (but not limited to)

The above is an illustrative list of general activities. All technology-specific activities related to NG SIEM are to be carried out.

- Support onboarding and maintenance of a wide variety of data sources, including various OS, appliance, and application logs
- Create custom queries, custom dashboards, and visualizations
- Create and manage NG SIEM knowledge objects, including apps, dashboards, saved and scheduled searches, and alerts
- Support access requests, modifications and permissions
- Support troubleshooting and remediation of issues as they arise with data ingestion and NG SIEM infrastructure
- Work on improving the overall posture of the NG SIEM deployment to achieve the best return on investment
- Monitor and report on cyber threats and suggest any changes needed to protect the organization in the SIEM, leading end-to-end implementation of the suggested changes
- Should have a very good understanding of MITRE ATT&CK and the NIST framework
- Threat hunting

Requirements